Forum Discussion
Disable specific ASM attack signatures on specific URL?
I'm running v 10.2.3
- jwham20NimbostratusJesse,
- hooleylistCirrostratusWhat type of attack sigs do you want to disable? Once you define the specific URL in the policy, you shouldn't have any URL attack signatures applied to the URL as it's been explicitly defined.
- Jesse_42915NimbostratusPosted By hoolio on 12/27/2011 03:29 PM
I have disabled some attack signatures on the parameters as you described, and that seems to work well if there is a parameter to deal with. But what if there is not specific paramater?
For example, I've got some blocking from Signature ID 200002279 - SQL-INJ "delete from" (Headers). In this example, it isn't a parameter that is being enter that is causing the issue. How would I disable that signature on a specific url?
- hooleylistCirrostratusHi Jesse,
- Jesse_42915NimbostratusAaron,
- MandrakeNimbostratusHi Experts,
- MandrakeNimbostratusoops, found it, had to enable ASM irule events in asm policy
- MandrakeNimbostratusLooks like this irule is working till allowing what i need to, however i am still stuck with logic in else statement, how do i make sure user gets to requested uri, any pointers ?
- hooleylistCirrostratusHi Prashant,
Recent Discussions
Related Content
* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com